www.casinorocket.com Open in urlscan Pro
185.135.9.192 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://brain-shoping4.xyz/event_160b69c9-7f16-ec87-2729-205a715e940f_5_0_2000?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5jcGNtYXJ0...
Effective URL:
https://www.casinorocket.com/promo/xmas?stag=176802_6761a728fc91710cf3984fbd&http_referrer=https%3A%2F%2Fus.skated.co%2F&trac...
Submission: On December 17 via api (December 17th 2024, 4:30:33 pm UTC) from US — Scanned from DE

Summary HTTP 60 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 5 countries across 17 domains to perform 60 HTTP transactions. The main IP is 185.135.9.192, located in Frankfurt am Main, Germany and belongs to CLOUDFLARESPECTRUM Cloudflare London, LLC, US. The main domain is www.casinorocket.com.
TLS certificate: Issued by WE1 on November 6th 2024. Valid for: 3 months.

This is the only time www.casinorocket.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4 7	173.214.240.15 173.214.240.15	15317 (SERVEREL-AS) (SERVEREL-AS)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2 2	199.182.164.180 199.182.164.180	15317 (SERVEREL-AS) (SERVEREL-AS)
1 1	104.19.132.76 104.19.132.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	2a00:1d26:c77... 2a00:1d26:c771::12	49544 (i3Dnet i3...) (i3Dnet i3D.net B.V)
3 3	88.214.195.18 88.214.195.18	46636 (NATCOWEB) (NATCOWEB)
2	88.214.195.115 88.214.195.115	46636 (NATCOWEB) (NATCOWEB)
2	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
1 1	104.19.133.76 104.19.133.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2a00:1d26:877... 2a00:1d26:8771::11	49544 (i3Dnet i3...) (i3Dnet i3D.net B.V)
1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	172.66.43.67 172.66.43.67	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	185.135.9.192 185.135.9.192	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare London)
1	185.49.145.45 185.49.145.45	35415 (WEBZILLA ...) (WEBZILLA Webzilla B.V.)
1	104.16.160.145 104.16.160.145	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.64.148.59 172.64.148.59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
60	11

7 173.214.240.15 (United States) 4 redirects

ASN15317 (SERVEREL-AS, US)
PTR: 173.214.240.15.serverel.net

brain-shoping4.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
freetrckr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
woonews5.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.182.164.180 (United States) 2 redirects

ASN15317 (SERVEREL-AS, US)
PTR: 180.164.182.199.serverel.net

xml.pushking.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.132.76 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1d26:c771::12 (Newark, United States) 2 redirects

ASN49544 (i3Dnet i3D.net B.V, NL)

us.skated.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.214.195.18 (United Kingdom) 3 redirects

ASN46636 (NATCOWEB, US)

track-us.rwtks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.214.195.115 (United Kingdom)

ASN46636 (NATCOWEB, US)

ads-us.rwtks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.133.76 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

clck.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1d26:8771::11 (Atlanta, United States) 1 redirects

ASN49544 (i3Dnet i3D.net B.V, NL)

us.skated.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

cdntechone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.66.43.67 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

newgenaffmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.135.9.192 (Frankfurt am Main, Germany)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US)

www.casinorocket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.49.145.45 (Netherlands)

ASN35415 (WEBZILLA Webzilla B.V., NL)

datatechone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.160.145 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.148.59 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

payments-lib.cdn.s7s.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	casinorocket.com www.casinorocket.com	45 KB
5	rwtks.com 3 redirects track-us.rwtks.com — Cisco Umbrella Rank: 618770 ads-us.rwtks.com — Cisco Umbrella Rank: 492933	172 KB
5	skated.co 3 redirects us.skated.co — Cisco Umbrella Rank: 58169	7 KB
4	woonews5.xyz 1 redirects woonews5.xyz	3 KB
2	gstatic.com fonts.gstatic.com	36 KB
2	mgid.com 2 redirects c.mgid.com — Cisco Umbrella Rank: 7409 clck.mgid.com — Cisco Umbrella Rank: 48982	2 KB
2	pushking.net 2 redirects xml.pushking.net — Cisco Umbrella Rank: 134139	2 KB
2	freetrckr.com 2 redirects freetrckr.com	634 B
1	s7s.ai payments-lib.cdn.s7s.ai — Cisco Umbrella Rank: 477461	713 B
1	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 5669	1 KB
1	datatechone.com datatechone.com — Cisco Umbrella Rank: 55424	464 B
1	newgenaffmedia.com 1 redirects newgenaffmedia.com	926 B
1	cdntechone.com cdntechone.com — Cisco Umbrella Rank: 47374	8 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
1	brain-shoping4.xyz 1 redirects brain-shoping4.xyz	129 B
0	jsdelivr.net Failed cdn.jsdelivr.net Failed
0	seondf.com Failed cdn.seondf.com Failed
60	17

	Domain	Requested by
6	www.casinorocket.com	www.casinorocket.com woonews5.xyz
5	us.skated.co	3 redirects woonews5.xyz us.skated.co
4	woonews5.xyz	1 redirects woonews5.xyz
3	track-us.rwtks.com	3 redirects
2	fonts.gstatic.com	fonts.googleapis.com www.casinorocket.com
2	ads-us.rwtks.com	woonews5.xyz
2	xml.pushking.net	2 redirects
2	freetrckr.com	2 redirects
1	payments-lib.cdn.s7s.ai	www.casinorocket.com
1	cdn.onesignal.com	www.casinorocket.com cdn.onesignal.com
1	datatechone.com	cdntechone.com
1	newgenaffmedia.com	1 redirects
1	cdntechone.com	us.skated.co
1	clck.mgid.com	1 redirects
1	c.mgid.com	1 redirects
1	fonts.googleapis.com	woonews5.xyz
1	brain-shoping4.xyz	1 redirects
0	cdn.jsdelivr.net Failed	www.casinorocket.com
0	cdn.seondf.com Failed	www.casinorocket.com
60	19

This site contains no links.

Subject Issuer	Validity	Valid
woonews5.xyz E5	`2024-11-05` - `2025-02-03`	3 months	crt.sh
upload.video.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.gstatic.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.skated.co R10	`2024-11-22` - `2025-02-20`	3 months	crt.sh
cdntechone.com WE1	`2024-12-14` - `2025-03-14`	3 months	crt.sh
casinorocket.com WE1	`2024-11-06` - `2025-02-04`	3 months	crt.sh
datatechone.com Sectigo RSA Domain Validation Secure Server CA	`2024-12-11` - `2025-12-23`	a year	crt.sh
*.onesignal.com WE1	`2024-10-31` - `2025-01-29`	3 months	crt.sh
s7s.ai WE1	`2024-11-25` - `2025-02-24`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.casinorocket.com/promo/xmas?stag=176802_6761a728fc91710cf3984fbd&http_referrer=https%3A%2F%2Fus.skated.co%2F&tracking_link=http%3A%2F%2Fnewgenaffmedia.com%2Fmc0038d12
Frame ID: 013CE288F1AAA9D296DE9499C36EA21A
Requests: 60 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Rocket

Page URL History Show full URLs

http://brain-shoping4.xyz/event_160b69c9-7f16-ec87-2729-205a715e940f_5_0_2000?payload=JTdCJTIyaCUyMiUz... HTTP 307
https://brain-shoping4.xyz/event_160b69c9-7f16-ec87-2729-205a715e940f_5_0_2000?payload=JTdCJTIyaCUyMiUz... HTTP 302
https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://woonews5.xyz/sw_6fe9c69e-7cdf-688a-6384-2bac74d4dcfe_101_0_3000.js?h=JTdCJTIycmMlMjIlM0Ew... Page URL
https://xml.pushking.net/click?s=1&tid=534&sid=c2a3d883618ed2c68ed0cb46f00dd651&rnd=704499505 HTTP 302
https://clck.mgid.com/ghits/d/520102/i/57912405/src/3787/pp/1/1?h=3u2cH_k3F3TjtmyyBdUaUps-_fn4EcKG... HTTP 301
https://us.skated.co/nty/postback/click?key=v2-1734453027454-7-1170-1341321-30e4e105-cbc6-06dd-bc... Page URL
https://us.skated.co/nty/postback/click?key=v2-1734453027454-7-1170-1341321-30e4e105-cbc6-06dd-bc... HTTP 302
https://track-us.rwtks.com/push/c?auth=d36qsn&c=Zbe8t1pQ6uaVwRiSoGESw_holw8hEiS9GlQhQe7zXa-p59oc2Dw5-w9... HTTP 302
https://newgenaffmedia.com/mc0038d12 HTTP 302
https://www.casinorocket.com/promo/xmas?stag=176802_6761a728fc91710cf3984fbd&http_referrer=https%3A%2F%2F... Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Page Statistics

60
Requests

30 %
HTTPS

19 %
IPv6

17
Domains

19
Subdomains

11
IPs

5
Countries

273 kB
Transfer

405 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://brain-shoping4.xyz/event_160b69c9-7f16-ec87-2729-205a715e940f_5_0_2000?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5jcGNtYXJ0LmNvbSUyMiUyQyUyMnUlMjIlM0ElNUIlMjIzMzctMzQyMGU3OGNmMjUxNjRmODJhNTQ0NzkxY2JkY2M4ODUtMjQ3MC0wLjAwMzAyNCUyMiU1RCU3RA%3D%3D&t=1733832941413&rnd=915200061&js=1...%20311%20...ueXdscGpfYWxsX2diJTIyJTdE&if=1 HTTP 307
https://brain-shoping4.xyz/event_160b69c9-7f16-ec87-2729-205a715e940f_5_0_2000?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5jcGNtYXJ0LmNvbSUyMiUyQyUyMnUlMjIlM0ElNUIlMjIzMzctMzQyMGU3OGNmMjUxNjRmODJhNTQ0NzkxY2JkY2M4ODUtMjQ3MC0wLjAwMzAyNCUyMiU1RCU3RA%3D%3D&t=1733832941413&rnd=915200061&js=1...%20311%20...ueXdscGpfYWxsX2diJTIyJTdE&if=1 HTTP 302
https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://woonews5.xyz/sw_6fe9c69e-7cdf-688a-6384-2bac74d4dcfe_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Page URL
https://xml.pushking.net/click?s=1&tid=534&sid=c2a3d883618ed2c68ed0cb46f00dd651&rnd=704499505 HTTP 302
https://clck.mgid.com/ghits/d/520102/i/57912405/src/3787/pp/1/1?h=3u2cH_k3F3TjtmyyBdUaUps-_fn4EcKGboMp0tVRltkPLZR_ue2Zp9vQK18WJErWh7RcUVA759o2S_iNok6aPB3tKezZfus_kkLy7-HVqIc*&rid=394eec34-bc94-11ef-8169-c84bd68370b4&u=SlD-eoYJqFer0KkA4Pm0z6TjS3-fzzM5_UBdMaKg1bJbqqDoFD4dMKuM03mklwYUsWHkeItpudyXadX8ZcdyiZnQIH42sLt5w91LYEVFcHCwTOErPYW7fiQLH532fENZpZsFMVNEDg_HlOWDpPd0hdi1mEjHZwyUsptU0jeeLno*&tt=Direct&att=3&pubsrcid=19032210&ct=1&st=60&h2=N0NBUBL1oECdTip1Ljhr07mkLhdwwlmaR3J7WcOuQX_paEHYjp_yO966Sd6Ln35T HTTP 301
https://us.skated.co/nty/postback/click?key=v2-1734453027454-7-1170-1341321-30e4e105-cbc6-06dd-bc5f-d99f0a2dba27 Page URL
https://us.skated.co/nty/postback/click?key=v2-1734453027454-7-1170-1341321-30e4e105-cbc6-06dd-bc5f-d99f0a2dba27&token=e21e8ee2cf6549f305a780f07919bab5&adex-performed=true&timezone=-60&iframe_test=false&webdriver_test=false&latency=945 HTTP 302
https://track-us.rwtks.com/push/c?auth=d36qsn&c=Zbe8t1pQ6uaVwRiSoGESw_holw8hEiS9GlQhQe7zXa-p59oc2Dw5-w9LJyC1wS6tShU4dodZ81NtQs6Oqd9772e0uXuXqaYYRCCoVbgjd_ewzrGFLlFdid6ygtuOu6Vy1AYp_KuC-kffwof8-MbJxuYAZWJDhiPq970W6W59T0CBk6VwfkocqOdBZ1qvPZuyN63rHMuNA300l1Ahrt9GXJ4sTZDRKknlaDlFNt5QlfHM9PFeBJGQUu1zsqYA7NXbTiCCltXFEwk-h-KPfX4eQeoPutY-zebTUdwjUl-D7w0VgXWX-oUhkou0BS8yBg-hatPsmsv77JrRZ62z0_ImTlV-FwaVAmSA1kkmxeDINOfhQbN6Xdl58FU_nwzoyj-XzE3qHCZcjhUEXKJRhh0sof4TEqCqHqWoeKx0AyBWaID1qlW8C-oORtQTJW0uxldAe4UWuWFOHzBF_wvLVSWxXRDx00c HTTP 302
https://newgenaffmedia.com/mc0038d12 HTTP 302
https://www.casinorocket.com/promo/xmas?stag=176802_6761a728fc91710cf3984fbd&http_referrer=https%3A%2F%2Fus.skated.co%2F&tracking_link=http%3A%2F%2Fnewgenaffmedia.com%2Fmc0038d12 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://brain-shoping4.xyz/event_160b69c9-7f16-ec87-2729-205a715e940f_5_0_2000?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5jcGNtYXJ0LmNvbSUyMiUyQyUyMnUlMjIlM0ElNUIlMjIzMzctMzQyMGU3OGNmMjUxNjRmODJhNTQ0NzkxY2JkY2M4ODUtMjQ3MC0wLjAwMzAyNCUyMiU1RCU3RA%3D%3D&t=1733832941413&rnd=915200061&js=1...%20311%20...ueXdscGpfYWxsX2diJTIyJTdE&if=1 HTTP 307
https://brain-shoping4.xyz/event_160b69c9-7f16-ec87-2729-205a715e940f_5_0_2000?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5jcGNtYXJ0LmNvbSUyMiUyQyUyMnUlMjIlM0ElNUIlMjIzMzctMzQyMGU3OGNmMjUxNjRmODJhNTQ0NzkxY2JkY2M4ODUtMjQ3MC0wLjAwMzAyNCUyMiU1RCU3RA%3D%3D&t=1733832941413&rnd=915200061&js=1...%20311%20...ueXdscGpfYWxsX2diJTIyJTdE&if=1 HTTP 302
https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://woonews5.xyz/sw_6fe9c69e-7cdf-688a-6384-2bac74d4dcfe_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Request Chain 2

https://woonews5.xyz/event_3c145f83-1679-378b-f251-7a98e1e67179_101_3813_3000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaGtpbmcubmV0JTJGaWNvbiUzRnNpZCUzRGMyYTNkODgzNjE4ZWQyYzY4ZWQwY2I0NmYwMGRkNjUxJTI2cm5kJTNEMjg0OTAyMzMx&t=1734453028070&rnd=410280350&i=1 HTTP 302
https://xml.pushking.net/icon?sid=c2a3d883618ed2c68ed0cb46f00dd651&rnd=284902331 HTTP 302
https://c.mgid.com/c?pv=2&v=0|0|0|3u2cH_k3F3TjtmyyBdUaUps-_fn4EcKGboMp0tVRltkPLZR_ue2Zp9vQK18WJErWh7RcUVA759o2S_iNok6aPB3tKezZfus_kkLy7-HVqIc*&cid=1581047&f=1&h2=N0NBUBL1oECdTip1Ljhr07mkLhdwwlmaR3J7WcOuQX_paEHYjp_yO966Sd6Ln35T&rid=394eec34-bc94-11ef-8169-c84bd68370b4&psid=19032210&turl=https%3A%2F%2Fservicer.mgid.com%2Fpixel%3Fh%3DrOwDaoikOiMn4wZGsoYjJ21sfmkeBRJ3Wni9ZEuV7BgJEpOxP29r9c0yvyoxLnnD2WorxeWbhqd7qtkMJsXXQEGZp3RlNiuU9yz-ycxaW7ox8qqVsv_3DWuK-NDDmz8A%26r%3D394eec34-bc94-11ef-8169-c84bd68370b4%26l%3D%26c%3D%26ps%3D19032210%26tt%3DDirect%26ts%3D%26iv%3D0%26prid%3D0%26advsrc%3D3787&iub=aHR0cHM6Ly91cy5za2F0ZWQuY28vbnR5L21ldHJpY3Mvc2F2ZS5pbWc_ZXZlbnQ9aW1wcmVzc2lvbnMmYmlkLWlkPXYyLTE3MzQ0NTMwMjc0NTQtNy0xMTcwLTEzNDEzMjEtMzBlNGUxMDUtY2JjNi0wNmRkLWJjNWYtZDk5ZjBhMmRiYTI3JmltZz1odHRwcyUzQSUyRiUyRnRyYWNrLXVzLnJ3dGtzLmNvbSUyRnB1c2glMkZpYyUzRmF1dGglM0RkMzZxc24lMjZjJTNEa1FZUDJMSWNENHFfRU4tRTBLOUQwU1hxcWtoZ0JXcm9fTy1oUnZ6ZzJiZ0x1a21zODhMNnVEMDJzRmZhT1VoQWM1NTJPcEQzTU9feXQ3WEtCZnhGRmo2cE1XVFJ6ZEs2WlZSR0haT3FYR3NVdnRQODNNMDFLNG9IdExZSTMtQWp0MnRTT2x1dWIwcVRTMXZmSGZGaXN4YXI3ZTdtTE1zVzFoSUxVd2lPc1hRM01vYUpLRnZLMXNacmRCTV84TlBLUTlndlNiTC1MMFpuSkk2RFh1bTJ3LXRvY3FfSkJQWHVIdmQ2LUxGZkR5RzNvbHVGZHltR3BIS085UVJjTEh0VFFwdmlyb1hEU0VqTlJZLWl2enpIRVZtck9ydEhNSjhiVm1fVmxtbThTck9lb2JTMTNzcGV5enVLdzE4NVdyWWt5VXl3R1FSdVVzMmRkOVFPa1VXSTktNDg2RzJXSHdfZzhPT1R2TG1ZNm5zSUNuM2FENE5aR2RNa0xKRDgxVjNxUzlla3NteVJDMkpFZkotdzVlc2Y4NDdMQTV6YzNwY0huZWtHeGdnWmJBdHE0dzJybjMxZlMxMWhZcklLenoxaDJpQmtCOWF4LUhFbE43ZVpMallsdDRIVS1iakZrcjN5MzVzMWRBeVRKY3pkeEpINFFtdzhzV280MHN2T1otcndTU2JrdkVCQVctbmtvZFJqZHhuNlJ2aldrUV83OXBHU0Y1TU5Fdw== HTTP 301
https://us.skated.co/nty/metrics/save.img?event=impressions&bid-id=v2-1734453027454-7-1170-1341321-30e4e105-cbc6-06dd-bc5f-d99f0a2dba27&img=https%3A%2F%2Ftrack-us.rwtks.com%2Fpush%2Fic%3Fauth%3Dd36qsn%26c%3DkQYP2LIcD4q_EN-E0K9D0SXqqkhgBWro_O-hRvzg2bgLukms88L6uD02sFfaOUhAc552OpD3MO_yt7XKBfxFFj6pMWTRzdK6ZVRGHZOqXGsUvtP83M01K4oHtLYI3-Ajt2tSOluub0qTS1vfHfFisxar7e7mLMsW1hILUwiOsXQ3MoaJKFvK1sZrdBM_8NPKQ9gvSbL-L0ZnJI6DXum2w-tocq_JBPXuHvd6-LFfDyG3oluFdymGpHKO9QRcLHtTQpviroXDSEjNRY-ivzzHEVmrOrtHMJ8bVm_Vlmm8SrOeobS13speyzuKw185WrYkyUywGQRuUs2dd9QOkUWI9-486G2WHw_g8OOTvLmY6nsICn3aD4NZGdMkLJD81V3qS9eksmyRC2JEfJ-w5esf847LA5zc3pcHnekGxggZbAtq4w2rn31fS11hYrIKzz1h2iBkB9ax-HElN7eZLjYlt4HU-bjFkr3y35s1dAyTJczdxJH4Qmw8sWo40svOZ-rwSSbkvEBAW-nkodRjdxn6RvjWkQ_79pGSF5MNEw HTTP 302
https://track-us.rwtks.com/push/ic?auth=d36qsn&c=kQYP2LIcD4q_EN-E0K9D0SXqqkhgBWro_O-hRvzg2bgLukms88L6uD02sFfaOUhAc552OpD3MO_yt7XKBfxFFj6pMWTRzdK6ZVRGHZOqXGsUvtP83M01K4oHtLYI3-Ajt2tSOluub0qTS1vfHfFisxar7e7mLMsW1hILUwiOsXQ3MoaJKFvK1sZrdBM_8NPKQ9gvSbL-L0ZnJI6DXum2w-tocq_JBPXuHvd6-LFfDyG3oluFdymGpHKO9QRcLHtTQpviroXDSEjNRY-ivzzHEVmrOrtHMJ8bVm_Vlmm8SrOeobS13speyzuKw185WrYkyUywGQRuUs2dd9QOkUWI9-486G2WHw_g8OOTvLmY6nsICn3aD4NZGdMkLJD81V3qS9eksmyRC2JEfJ-w5esf847LA5zc3pcHnekGxggZbAtq4w2rn31fS11hYrIKzz1h2iBkB9ax-HElN7eZLjYlt4HU-bjFkr3y35s1dAyTJczdxJH4Qmw8sWo40svOZ-rwSSbkvEBAW-nkodRjdxn6RvjWkQ_79pGSF5MNEw HTTP 302
https://ads-us.rwtks.com/creatives/ep6grk1w8qdxq54yj3nvx52z/1733322557865-qrhwKpl1jg1a.png

Request Chain 3

https://us.skated.co/nty/metrics/save.img?event=tracked_impressions&bid-id=v2-1734453027454-7-1170-1341321-30e4e105-cbc6-06dd-bc5f-d99f0a2dba27&price=0&img=https%3A%2F%2Ftrack-us.rwtks.com%2Fpush%2Fim%3Fauth%3Dd36qsn%26c%3DHKSuTFHvGz2nzxd1emL2fpadyTv0VtwtSbHzf5JJhzmkRgQ_m51htngWKD7j27mDoT0rAthW25mYa47ES_xMAoNzOj4xKJed6EdEDpFLzCvdc18RgzNdt1nwZRc1xtk7ScAyCDW4FLHRKWtoyqNkkKwCG1OxVr5VzO37b4x-t8XY5FfN2Lvwej4nqGjBLKBSE4Qu7cLPqEEGtbaQ-EvdGb2v5G7j3qRFDsDhWpYRTiv5J7E9NoyyEX5QAubjUVQ8NmahaWnEZX0mfkgkF9il5JndE4SVQ3rFWAgtcwRyfNUkgIQ-qnU0OK8BcuAVTyHCp4Tr9p3AfgSm_6per0PtAqtrLP5bOm6XJlQrNxjpyJlhj76WFTHXo6WDD3sLL0egBrnNVdgynB-3yveuXqiriaz0I9jS4Xu-uAcD3PTtFVWFCLazaWt8ThgkS0RTJv3px3vAgl2etpU5QjzqFt5TeB7dzPHN_WHbZOdpRfGm0MQw94rCbHwmTllj3cpJ6GY4IGwsZf09qvrCHEXlyxRPGMYpIIt2wrN2cobQ-Q HTTP 302
https://track-us.rwtks.com/push/im?auth=d36qsn&c=HKSuTFHvGz2nzxd1emL2fpadyTv0VtwtSbHzf5JJhzmkRgQ_m51htngWKD7j27mDoT0rAthW25mYa47ES_xMAoNzOj4xKJed6EdEDpFLzCvdc18RgzNdt1nwZRc1xtk7ScAyCDW4FLHRKWtoyqNkkKwCG1OxVr5VzO37b4x-t8XY5FfN2Lvwej4nqGjBLKBSE4Qu7cLPqEEGtbaQ-EvdGb2v5G7j3qRFDsDhWpYRTiv5J7E9NoyyEX5QAubjUVQ8NmahaWnEZX0mfkgkF9il5JndE4SVQ3rFWAgtcwRyfNUkgIQ-qnU0OK8BcuAVTyHCp4Tr9p3AfgSm_6per0PtAqtrLP5bOm6XJlQrNxjpyJlhj76WFTHXo6WDD3sLL0egBrnNVdgynB-3yveuXqiriaz0I9jS4Xu-uAcD3PTtFVWFCLazaWt8ThgkS0RTJv3px3vAgl2etpU5QjzqFt5TeB7dzPHN_WHbZOdpRfGm0MQw94rCbHwmTllj3cpJ6GY4IGwsZf09qvrCHEXlyxRPGMYpIIt2wrN2cobQ-Q HTTP 302
https://ads-us.rwtks.com/creatives/ep6grk1w8qdxq54yj3nvx52z/1733322595416-IjoEJEvXcoSB.png

Request Chain 8

https://xml.pushking.net/click?s=1&tid=534&sid=c2a3d883618ed2c68ed0cb46f00dd651&rnd=704499505 HTTP 302
https://clck.mgid.com/ghits/d/520102/i/57912405/src/3787/pp/1/1?h=3u2cH_k3F3TjtmyyBdUaUps-_fn4EcKGboMp0tVRltkPLZR_ue2Zp9vQK18WJErWh7RcUVA759o2S_iNok6aPB3tKezZfus_kkLy7-HVqIc*&rid=394eec34-bc94-11ef-8169-c84bd68370b4&u=SlD-eoYJqFer0KkA4Pm0z6TjS3-fzzM5_UBdMaKg1bJbqqDoFD4dMKuM03mklwYUsWHkeItpudyXadX8ZcdyiZnQIH42sLt5w91LYEVFcHCwTOErPYW7fiQLH532fENZpZsFMVNEDg_HlOWDpPd0hdi1mEjHZwyUsptU0jeeLno*&tt=Direct&att=3&pubsrcid=19032210&ct=1&st=60&h2=N0NBUBL1oECdTip1Ljhr07mkLhdwwlmaR3J7WcOuQX_paEHYjp_yO966Sd6Ln35T HTTP 301
https://us.skated.co/nty/postback/click?key=v2-1734453027454-7-1170-1341321-30e4e105-cbc6-06dd-bc5f-d99f0a2dba27

60 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

sw_6fe9c69e-7cdf-688a-6384-2bac74d4dcfe_101_0_3000.js Show response
woonews5.xyz/
Redirect Chain

http://brain-shoping4.xyz/event_160b69c9-7f16-ec87-2729-205a715e940f_5_0_2000?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5jcGNtYXJ0LmNvbSUyMiUyQyUyMnUlMjIlM0ElNUIlMjIzMzctMzQyMGU3OGNmMjUxNjRmODJhNTQ0NzkxY2J...
https://brain-shoping4.xyz/event_160b69c9-7f16-ec87-2729-205a715e940f_5_0_2000?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5jcGNtYXJ0LmNvbSUyMiUyQyUyMnUlMjIlM0ElNUIlMjIzMzctMzQyMGU3OGNmMjUxNjRmODJhNTQ0NzkxY2...
https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://woonews5.xyz/sw_6fe9c69e-7cdf-688a-6384-2bac74d4dcfe_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

6 KB
3 KB

483ms
148ms

Document
text/html

173.214.240.15
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://woonews5.xyz/sw_6fe9c69e-7cdf-688a-6384-2bac74d4dcfe_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS: 173.214.240.15.serverel.net
Software: nginx /
Resource Hash: c368b52084ce8913468078b6e812d35c8dc08e326674c9796232b8a56facf11f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 17 Dec 2024 16:30:28 GMT
server: nginx

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-WoW64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
date: Tue, 17 Dec 2024 16:30:27 GMT
location: https://woonews5.xyz/sw_6fe9c69e-7cdf-688a-6384-2bac74d4dcfe_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
server: nginx

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 56ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Requested by

Host: woonews5.xyz
URL: https://woonews5.xyz/sw_6fe9c69e-7cdf-688a-6384-2bac74d4dcfe_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

794e424cad112f306e1bf057c71a9c9f3c9de2adb2831f02f1159e93f6049061

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://woonews5.xyz/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 17 Dec 2024 16:30:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 16:30:28 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 17 Dec 2024 16:18:55 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H/1.1

200
OK

1733322557865-qrhwKpl1jg1a.png
ads-us.rwtks.com/creatives/ep6grk1w8qdxq54yj3nvx52z/
Redirect Chain

https://woonews5.xyz/event_3c145f83-1679-378b-f251-7a98e1e67179_101_3813_3000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaGtpbmcubmV0JTJGaWNvbiUzRnNpZCUzRGMyYTNkODgzNjE4ZWQyYzY4ZWQwY2I0NmYwMGRkNjUxJTI2cm5...
https://xml.pushking.net/icon?sid=c2a3d883618ed2c68ed0cb46f00dd651&rnd=284902331
https://c.mgid.com/c?pv=2&v=0|0|0|3u2cH_k3F3TjtmyyBdUaUps-_fn4EcKGboMp0tVRltkPLZR_ue2Zp9vQK18WJErWh7RcUVA759o2S_iNok6aPB3tKezZfus_kkLy7-HVqIc*&cid=1581047&f=1&h2=N0NBUBL1oECdTip1Ljhr07mkLhdwwlmaR3J...
https://us.skated.co/nty/metrics/save.img?event=impressions&bid-id=v2-1734453027454-7-1170-1341321-30e4e105-cbc6-06dd-bc5f-d99f0a2dba27&img=https%3A%2F%2Ftrack-us.rwtks.com%2Fpush%2Fic%3Fauth%3Dd36...
https://track-us.rwtks.com/push/ic?auth=d36qsn&c=kQYP2LIcD4q_EN-E0K9D0SXqqkhgBWro_O-hRvzg2bgLukms88L6uD02sFfaOUhAc552OpD3MO_yt7XKBfxFFj6pMWTRzdK6ZVRGHZOqXGsUvtP83M01K4oHtLYI3-Ajt2tSOluub0qTS1vfHfFi...
https://ads-us.rwtks.com/creatives/ep6grk1w8qdxq54yj3nvx52z/1733322557865-qrhwKpl1jg1a.png

37 KB
37 KB

358ms
181ms

Image
image/png

88.214.195.115
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads-us.rwtks.com/creatives/ep6grk1w8qdxq54yj3nvx52z/1733322557865-qrhwKpl1jg1a.png
Requested by: Host: woonews5.xyz
URL: https://woonews5.xyz/sw_6fe9c69e-7cdf-688a-6384-2bac74d4dcfe_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: HTTP/1.1
Server: 88.214.195.115 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a3625e608de3427f6cb1121d61f3108d17058f7cf629b7f9eabe876637e6837b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://woonews5.xyz/

Response headers

ETag: "6750673f-93a4"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37796
Date: Tue, 17 Dec 2024 16:30:29 GMT
Content-Type: image/png
Last-Modified: Wed, 04 Dec 2024 14:29:19 GMT
Server: nginx/1.18.0 (Ubuntu)

Redirect headers

Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Location: https://ads-us.rwtks.com/creatives/ep6grk1w8qdxq54yj3nvx52z/1733322557865-qrhwKpl1jg1a.png
Pragma: no-cache
Connection: keep-alive
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Content-Length: 0
Date: Tue, 17 Dec 2024 16:30:29 GMT
Server: nginx

GET
H/1.1

200
OK

1733322595416-IjoEJEvXcoSB.png
ads-us.rwtks.com/creatives/ep6grk1w8qdxq54yj3nvx52z/
Redirect Chain

https://us.skated.co/nty/metrics/save.img?event=tracked_impressions&bid-id=v2-1734453027454-7-1170-1341321-30e4e105-cbc6-06dd-bc5f-d99f0a2dba27&price=0&img=https%3A%2F%2Ftrack-us.rwtks.com%2Fpush%2...
https://track-us.rwtks.com/push/im?auth=d36qsn&c=HKSuTFHvGz2nzxd1emL2fpadyTv0VtwtSbHzf5JJhzmkRgQ_m51htngWKD7j27mDoT0rAthW25mYa47ES_xMAoNzOj4xKJed6EdEDpFLzCvdc18RgzNdt1nwZRc1xtk7ScAyCDW4FLHRKWtoyqNk...
https://ads-us.rwtks.com/creatives/ep6grk1w8qdxq54yj3nvx52z/1733322595416-IjoEJEvXcoSB.png

134 KB
134 KB

415ms
182ms

Image
image/png

88.214.195.115
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads-us.rwtks.com/creatives/ep6grk1w8qdxq54yj3nvx52z/1733322595416-IjoEJEvXcoSB.png
Requested by: Host: woonews5.xyz
URL: https://woonews5.xyz/sw_6fe9c69e-7cdf-688a-6384-2bac74d4dcfe_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: HTTP/1.1
Server: 88.214.195.115 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 66cffad452236426dcb8ad573ebb899a10edc44f2592407f9e522f056137a13b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://woonews5.xyz/

Response headers

ETag: "67506763-216c5"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 136901
Date: Tue, 17 Dec 2024 16:30:29 GMT
Content-Type: image/png
Last-Modified: Wed, 04 Dec 2024 14:29:55 GMT
Server: nginx/1.18.0 (Ubuntu)

Redirect headers

Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Location: https://ads-us.rwtks.com/creatives/ep6grk1w8qdxq54yj3nvx52z/1733322595416-IjoEJEvXcoSB.png
Pragma: no-cache
Connection: keep-alive
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Content-Length: 0
Date: Tue, 17 Dec 2024 16:30:29 GMT
Server: nginx

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 81ms
9ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://woonews5.xyz
Referer: https://fonts.googleapis.com/

Response headers

age: 541162
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 11 Dec 2025 10:11:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 10:11:06 GMT
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18596
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 85ms
12ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://woonews5.xyz
Referer: https://fonts.googleapis.com/

Response headers

age: 26650
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 17 Dec 2025 09:06:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 09:06:18 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H2 404 favicon.ico
woonews5.xyz/ 548 B
245 B 149ms
149ms Other
text/html 173.214.240.15
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://woonews5.xyz/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS: 173.214.240.15.serverel.net
Software: nginx /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://woonews5.xyz/sw_6fe9c69e-7cdf-688a-6384-2bac74d4dcfe_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Response headers

content-encoding: gzip
date: Tue, 17 Dec 2024 16:30:29 GMT
content-type: text/html
server: nginx

GET
H2 200 event_3c145f83-1679-378b-f251-7a98e1e67179_101_0_3000 Show response
woonews5.xyz/ 147 B
237 B 148ms
147ms Script
application/javascript 173.214.240.15
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://woonews5.xyz/event_3c145f83-1679-378b-f251-7a98e1e67179_101_0_3000?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wdXNoa2luZy5uZXQlMjIlMkMlMjJ1JTIyJTNBJTVCJTIyNTM0LWMyYTNkODgzNjE4ZWQyYzY4ZWQwY2I0NmYwMGRkNjUxLTM4MTMtMC4wMDAwNzIlMjIlNUQlN0Q%3D&t=1734453028070&rnd=613923151&js=1&io=0&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Requested by: Host: woonews5.xyz
URL: https://woonews5.xyz/sw_6fe9c69e-7cdf-688a-6384-2bac74d4dcfe_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS: 173.214.240.15.serverel.net
Software: nginx /
Resource Hash: 83522ef588f1f83f2a095f8a8f0091f9fff54e27287e2793e3846f9eabed84e9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
date: Tue, 17 Dec 2024 16:30:30 GMT
content-type: application/javascript
server: nginx

GET
H2

200

click Show response
us.skated.co/nty/postback/
Redirect Chain

https://xml.pushking.net/click?s=1&tid=534&sid=c2a3d883618ed2c68ed0cb46f00dd651&rnd=704499505
https://clck.mgid.com/ghits/d/520102/i/57912405/src/3787/pp/1/1?h=3u2cH_k3F3TjtmyyBdUaUps-_fn4EcKGboMp0tVRltkPLZR_ue2Zp9vQK18WJErWh7RcUVA759o2S_iNok6aPB3tKezZfus_kkLy7-HVqIc*&rid=394eec34-bc94-11ef...
https://us.skated.co/nty/postback/click?key=v2-1734453027454-7-1170-1341321-30e4e105-cbc6-06dd-bc5f-d99f0a2dba27

22 KB
5 KB

329ms
113ms

Document
text/html

2a00:1d26:8771::11
i3Dnet i3D.net B.V

General

Check archive.org

Show headers Download Go to

Full URL: https://us.skated.co/nty/postback/click?key=v2-1734453027454-7-1170-1341321-30e4e105-cbc6-06dd-bc5f-d99f0a2dba27
Requested by: Host: woonews5.xyz
URL: https://woonews5.xyz/event_3c145f83-1679-378b-f251-7a98e1e67179_101_0_3000?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wdXNoa2luZy5uZXQlMjIlMkMlMjJ1JTIyJTNBJTVCJTIyNTM0LWMyYTNkODgzNjE4ZWQyYzY4ZWQwY2I0NmYwMGRkNjUxLTM4MTMtMC4wMDAwNzIlMjIlNUQlN0Q%3D&t=1734453028070&rnd=613923151&js=1&io=0&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:1d26:8771::11 Atlanta, United States, ASN49544 (i3Dnet i3D.net B.V, NL),
Reverse DNS
Software: openresty/1.21.4.1 /
Resource Hash: 9ab8d6395b1e564664e4b4e42079a9a24b98d8d74ca517dffbc7039bd3f922ed

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 17 Dec 2024 16:30:32 GMT
server: openresty/1.21.4.1

Redirect headers

accept-ch: sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-wow64,sec-ch-ua-bitness,sec-ch-ua-model
alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 8f384c586f51914d-FRA
content-length: 694
content-type: text/html; charset=utf-8
date: Tue, 17 Dec 2024 16:30:31 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
location: https://us.skated.co/nty/postback/click?key=v2-1734453027454-7-1170-1341321-30e4e105-cbc6-06dd-bc5f-d99f0a2dba27
priority: u=0,i
server: cloudflare
server-timing: cfExtPri
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff nosniff
x-mg-click-uuid: 3f7aae76-1260-5dd1-0518-7fbcd6cc3c22
x-robots-tag: noindex

GET
H3 200 stattag.js
cdntechone.com/ 16 KB
8 KB 57ms
31ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdntechone.com/stattag.js
Requested by: Host: us.skated.co
URL: https://us.skated.co/nty/postback/click?key=v2-1734453027454-7-1170-1341321-30e4e105-cbc6-06dd-bc5f-d99f0a2dba27
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://us.skated.co/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"668fb2b6-406a"
age: 4346
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X2WJJ7Fm8yMhBESt4PiRM1zeDdRisUEfFi2rlTDwjGc4w7%2BKjN87rrDRCPGCWpOIPu2FtHE5FiEEG0uNVI37vcaMq20I1FZJKhPM7o9trJagY1WU2ziKtk2nNyZGBaH3cw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6528&min_rtt=6492&rtt_var=1890&sent=12&recv=8&lost=0&retrans=0&sent_bytes=4157&recv_bytes=4268&delivery_rate=87644&cwnd=12000&unsent_bytes=0&cid=1e536cf84ebebbc0&ts=37&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 17 Dec 2024 16:30:32 GMT
content-type: application/javascript
last-modified: Thu, 11 Jul 2024 10:23:50 GMT
vary: Accept-Encoding
priority: u=3,i=?0
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f384c5ba9521cc9-FRA
server: cloudflare

GET
H2

200

Primary Request xmas Show response
www.casinorocket.com/promo/
Redirect Chain

https://us.skated.co/nty/postback/click?key=v2-1734453027454-7-1170-1341321-30e4e105-cbc6-06dd-bc5f-d99f0a2dba27&token=e21e8ee2cf6549f305a780f07919bab5&adex-performed=true&timezone=-60&iframe_test=...
https://track-us.rwtks.com/push/c?auth=d36qsn&c=Zbe8t1pQ6uaVwRiSoGESw_holw8hEiS9GlQhQe7zXa-p59oc2Dw5-w9LJyC1wS6tShU4dodZ81NtQs6Oqd9772e0uXuXqaYYRCCoVbgjd_ewzrGFLlFdid6ygtuOu6Vy1AYp_KuC-kffwof8-MbJx...
https://newgenaffmedia.com/mc0038d12
https://www.casinorocket.com/promo/xmas?stag=176802_6761a728fc91710cf3984fbd&http_referrer=https%3A%2F%2Fus.skated.co%2F&tracking_link=http%3A%2F%2Fnewgenaffmedia.com%2Fmc0038d12

20 KB
3 KB

94ms
64ms

Document
text/html

185.135.9.192
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.casinorocket.com/promo/xmas?stag=176802_6761a728fc91710cf3984fbd&http_referrer=https%3A%2F%2Fus.skated.co%2F&tracking_link=http%3A%2F%2Fnewgenaffmedia.com%2Fmc0038d12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.135.9.192 Frankfurt am Main, Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29adcfe8a81c3aa1a9c079ccf82c854220e18205667b4a8bf7f7cb09c09201c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	DENY

Request headers

Referer: https://us.skated.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cf-cache-status: DYNAMIC
cf-ray: 8f384c5f2fedd296-FRA
content-encoding: gzip
content-type: text/html
date: Tue, 17 Dec 2024 16:30:32 GMT
last-modified: Mon, 16 Dec 2024 12:44:51 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-frame-options: DENY

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8f384c5e2ab6d355-FRA
content-type: text/html; charset=utf-8
date: Tue, 17 Dec 2024 16:30:32 GMT
location: https://www.casinorocket.com/promo/xmas?stag=176802_6761a728fc91710cf3984fbd&http_referrer=https%3A%2F%2Fus.skated.co%2F&tracking_link=http%3A%2F%2Fnewgenaffmedia.com%2Fmc0038d12
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G3%2Fjhw34AbD%2FDYnV%2Bw6vLP82VlTAw7P7dkmpK%2BCctlT2EelPMCvvmGtSpRmw1PTn6tnmy%2FcnjnSpBFjy0%2BjUkufEKgvHgBFSoys5SwS90f9GADCXARauVlzdhscDFQzifqXDngM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=6759&min_rtt=6424&rtt_var=1380&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4181&recv_bytes=4503&delivery_rate=862&cwnd=12000&unsent_bytes=0&cid=162f8ec40747ccdc&ts=138&x=1" cfExtPri cfHdrFlush;dur=0
strict-transport-security: max-age=15724800; includeSubDomains, max-age=31536000
vary: Accept-Encoding

POST
H2 204 antifraud
us.skated.co/nty/ 0
113 B 108ms
107ms Ping
text/plain 2a00:1d26:8771::11
i3Dnet i3D.net B.V

General

Check archive.org

Show headers Download Go to

Full URL: https://us.skated.co/nty/antifraud
Requested by: Host: us.skated.co
URL: https://us.skated.co/nty/postback/click?key=v2-1734453027454-7-1170-1341321-30e4e105-cbc6-06dd-bc5f-d99f0a2dba27
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:1d26:8771::11 Atlanta, United States, ASN49544 (i3Dnet i3D.net B.V, NL),
Reverse DNS
Software: openresty/1.21.4.1 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://us.skated.co/nty/postback/click?key=v2-1734453027454-7-1170-1341321-30e4e105-cbc6-06dd-bc5f-d99f0a2dba27

Response headers

access-control-allow-origin: https://us.skated.co
date: Tue, 17 Dec 2024 16:30:32 GMT
server: openresty/1.21.4.1
access-control-allow-credentials: true

POST
H/1.1 200
OK add
datatechone.com/log/ 2 B
464 B 49ms
13ms XHR
text/plain 185.49.145.45
WEBZILLA Webzilla...

General

Check archive.org

Show headers Download Go to

Full URL: https://datatechone.com/log/add?cid=b11df4a5-b02c-4bff-b483-c91f3b797763&ruid=886660ad-cde9-4117-85ab-7d0554362651
Requested by: Host: cdntechone.com
URL: https://cdntechone.com/stattag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.49.145.45 , Netherlands, ASN35415 (WEBZILLA Webzilla B.V., NL),
Reverse DNS
Software: nginx/1.25.5 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://us.skated.co/

Response headers

Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://us.skated.co
Content-Length: 2
Date: Tue, 17 Dec 2024 16:30:32 GMT
Content-Type: text/plain; charset=utf-8
Server: nginx/1.25.5
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match

GET
H3 200 OneSignalSDK.page.js Show response
cdn.onesignal.com/sdks/web/v16/ 2 KB
1 KB 44ms
29ms Script
application/javascript 104.16.160.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.js

Requested by

Host: www.casinorocket.com
URL: https://www.casinorocket.com/promo/xmas?stag=176802_6761a728fc91710cf3984fbd&http_referrer=https%3A%2F%2Fus.skated.co%2F&tracking_link=http%3A%2F%2Fnewgenaffmedia.com%2Fmc0038d12

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca7117651b417a2cd9ae025f1d78ae94dbb24bba520b5d7a962d66dc7b85011d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.casinorocket.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"ddd578065f98e195848d7fc86a519869"
age: 1954
expires: Fri, 20 Dec 2024 16:30:32 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 17 Dec 2024 16:30:32 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=3,i=?0
access-control-allow-headers: OneSignal-Subscription-Id
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=259200
via: 1.1 google
cf-ray: 8f384c601afedc9c-FRA
server: cloudflare

GET
H2 200 index.js Show response
payments-lib.cdn.s7s.ai/v1/ 816 B
713 B 72ms
41ms Script
application/javascript 172.64.148.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://payments-lib.cdn.s7s.ai/v1/index.js
Requested by: Host: www.casinorocket.com
URL: https://www.casinorocket.com/promo/xmas?stag=176802_6761a728fc91710cf3984fbd&http_referrer=https%3A%2F%2Fus.skated.co%2F&tracking_link=http%3A%2F%2Fnewgenaffmedia.com%2Fmc0038d12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.59 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae583f8459b367b5b657fd4a368fa066dedcb88051ddc9339144db478784fff5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.casinorocket.com/

Response headers

cache-control: max-age=300
content-encoding: gzip
cf-cache-status: HIT
etag: W/"index.9e4c0a0f09.js"
age: 554
cf-ray: 8f384c602e32d390-FRA
expires: Thu, 19 Dec 2024 16:30:33 GMT
access-control-allow-origin: *
date: Tue, 17 Dec 2024 16:30:33 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: cloudflare

GET agent.js
cdn.seondf.com/js/v5/ 0
0

GET odometer.min.js
cdn.jsdelivr.net/npm/odometer@0.4.8/ 0
0

GET
H2 200 chunk-YNHBZXSM.js Show response
www.casinorocket.com/ 4 KB
2 KB 27ms
25ms Script
application/javascript 185.135.9.192
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.casinorocket.com/chunk-YNHBZXSM.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.135.9.192 Frankfurt am Main, Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0897fd49e18830b81ce46354e93bbdc1bc3d293f9caf221f824eb80a2ddbadbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.casinorocket.com
Referer: https://www.casinorocket.com/promo/xmas?stag=176802_6761a728fc91710cf3984fbd&http_referrer=https%3A%2F%2Fus.skated.co%2F&tracking_link=http%3A%2F%2Fnewgenaffmedia.com%2Fmc0038d12

Response headers

access-control-max-age: 1728000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"676020c3-e72"
age: 5109
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
expires: Wed, 18 Dec 2024 16:30:32 GMT
date: Tue, 17 Dec 2024 16:30:32 GMT
content-type: application/javascript
last-modified: Mon, 16 Dec 2024 12:44:51 GMT
vary: Accept-Encoding
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=86400
access-control-allow-credentials: true
cf-ray: 8f384c600af6d296-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 chunk-2IDFVJC7.js Show response
www.casinorocket.com/ 4 KB
2 KB 25ms
23ms Script
application/javascript 185.135.9.192
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.casinorocket.com/chunk-2IDFVJC7.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.135.9.192 Frankfurt am Main, Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0003609bf82177e5f7d3b7b33e41d14ac9a4c1dfd16951e220ee4a4ce4af357

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.casinorocket.com
Referer: https://www.casinorocket.com/promo/xmas?stag=176802_6761a728fc91710cf3984fbd&http_referrer=https%3A%2F%2Fus.skated.co%2F&tracking_link=http%3A%2F%2Fnewgenaffmedia.com%2Fmc0038d12

Response headers

access-control-max-age: 1728000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"676020c3-1186"
age: 5109
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
expires: Wed, 18 Dec 2024 16:30:32 GMT
date: Tue, 17 Dec 2024 16:30:32 GMT
content-type: application/javascript
last-modified: Mon, 16 Dec 2024 12:44:51 GMT
vary: Accept-Encoding
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=86400
access-control-allow-credentials: true
cf-ray: 8f384c600af9d296-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 chunk-KFMXUCLS.js Show response
www.casinorocket.com/ 3 KB
1 KB 33ms
31ms Script
application/javascript 185.135.9.192
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.casinorocket.com/chunk-KFMXUCLS.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.135.9.192 Frankfurt am Main, Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

844fc6adeee91ebf6089824f97ea1fd190fcbc44cb12108e2e8ac40d937e2fae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.casinorocket.com
Referer: https://www.casinorocket.com/promo/xmas?stag=176802_6761a728fc91710cf3984fbd&http_referrer=https%3A%2F%2Fus.skated.co%2F&tracking_link=http%3A%2F%2Fnewgenaffmedia.com%2Fmc0038d12

Response headers

access-control-max-age: 1728000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"676020c3-d75"
age: 4627
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
expires: Wed, 18 Dec 2024 16:30:32 GMT
date: Tue, 17 Dec 2024 16:30:32 GMT
content-type: application/javascript
last-modified: Mon, 16 Dec 2024 12:44:51 GMT
vary: Accept-Encoding
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=86400
access-control-allow-credentials: true
cf-ray: 8f384c600afbd296-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 polyfills-5JZA5FPJ.js Show response
www.casinorocket.com/ 34 KB
12 KB 29ms
27ms Script
application/javascript 185.135.9.192
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.casinorocket.com/polyfills-5JZA5FPJ.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.135.9.192 Frankfurt am Main, Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81256b01a8b1717441b7b092170d0a15674da07c62bc9915879a9540ec7654f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.casinorocket.com
Referer: https://www.casinorocket.com/promo/xmas?stag=176802_6761a728fc91710cf3984fbd&http_referrer=https%3A%2F%2Fus.skated.co%2F&tracking_link=http%3A%2F%2Fnewgenaffmedia.com%2Fmc0038d12

Response headers

access-control-max-age: 1728000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"676020c3-8658"
age: 3607
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
expires: Wed, 18 Dec 2024 16:30:32 GMT
date: Tue, 17 Dec 2024 16:30:32 GMT
content-type: application/javascript
last-modified: Mon, 16 Dec 2024 12:44:51 GMT
vary: Accept-Encoding
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=86400
access-control-allow-credentials: true
cf-ray: 8f384c600afcd296-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 main-EMA2IS3E.js Show response
www.casinorocket.com/ 79 KB
25 KB 30ms
29ms Script
application/javascript 185.135.9.192
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.casinorocket.com/main-EMA2IS3E.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.135.9.192 Frankfurt am Main, Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9e14437bd879a04162a6cd4941261b1dc715078c9451bf316b0a9cb39bfaaec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.casinorocket.com
Referer: https://www.casinorocket.com/promo/xmas?stag=176802_6761a728fc91710cf3984fbd&http_referrer=https%3A%2F%2Fus.skated.co%2F&tracking_link=http%3A%2F%2Fnewgenaffmedia.com%2Fmc0038d12

Response headers

access-control-max-age: 1728000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"676020c3-13cea"
age: 5110
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
expires: Wed, 18 Dec 2024 16:30:32 GMT
date: Tue, 17 Dec 2024 16:30:32 GMT
content-type: application/javascript
last-modified: Mon, 16 Dec 2024 12:44:51 GMT
vary: Accept-Encoding
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=86400
access-control-allow-credentials: true
cf-ray: 8f384c600afdd296-FRA
access-control-allow-origin: *
server: cloudflare

GET styles-XPGUSFHH.css
www.casinorocket.com/ 0
0

GET pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v22/ 0
0

GET chunk-Y52MKZMA.js
www.casinorocket.com/ 0
0

GET chunk-4DHHCPOF.js
www.casinorocket.com/ 0
0

GET chunk-36GAWGJN.js
www.casinorocket.com/ 0
0

GET chunk-P2PF5AOR.js
www.casinorocket.com/ 0
0

GET chunk-PHEQHCXJ.js
www.casinorocket.com/ 0
0

GET chunk-4M2L4V2T.js
www.casinorocket.com/ 0
0

GET chunk-K7LYYJNJ.js
www.casinorocket.com/ 0
0

GET chunk-OMGQEKIO.js
www.casinorocket.com/ 0
0

GET chunk-SGOTKNA5.js
www.casinorocket.com/ 0
0

GET chunk-ZWWSQJV7.js
www.casinorocket.com/ 0
0

GET chunk-UKR7X4BU.js
www.casinorocket.com/ 0
0

GET chunk-CQTKABIC.js
www.casinorocket.com/ 0
0

GET chunk-4Z63QVKR.js
www.casinorocket.com/ 0
0

GET chunk-BFASMRTT.js
www.casinorocket.com/ 0
0

GET chunk-4N3FYMPK.js
www.casinorocket.com/ 0
0

GET chunk-ZL46LRBC.js
www.casinorocket.com/ 0
0

GET chunk-FSPIYSGY.js
www.casinorocket.com/ 0
0

GET chunk-4K67B5B4.js
www.casinorocket.com/ 0
0

GET chunk-E5J72VIF.js
www.casinorocket.com/ 0
0

GET chunk-OZMGV3WC.js
www.casinorocket.com/ 0
0

GET chunk-AAXUYWL6.js
www.casinorocket.com/ 0
0

GET chunk-D5EGECLP.js
www.casinorocket.com/ 0
0

GET chunk-YBD6ZIYZ.js
www.casinorocket.com/ 0
0

GET chunk-K4YWYSTN.js
www.casinorocket.com/ 0
0

GET chunk-JRSBK4WQ.js
www.casinorocket.com/ 0
0

GET chunk-5R5FTOUB.js
www.casinorocket.com/ 0
0

GET chunk-CEV4GRGJ.js
www.casinorocket.com/ 0
0

GET chunk-FIDSYNCR.js
www.casinorocket.com/ 0
0

GET chunk-F4O2BGE6.js
www.casinorocket.com/ 0
0

GET chunk-EQVPCUYS.js
www.casinorocket.com/ 0
0

GET chunk-JFVPPNE6.js
www.casinorocket.com/ 0
0

GET chunk-YWCQE54A.js
www.casinorocket.com/ 0
0

GET chunk-UMSRZ6Z6.js
www.casinorocket.com/ 0
0

GET chunk-QHHBZUR7.js
www.casinorocket.com/ 0
0

GET chunk-JPKLQMV2.js
www.casinorocket.com/ 0
0

GET OneSignalSDK.page.es6.js
cdn.onesignal.com/sdks/web/v16/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.seondf.com
URL: https://cdn.seondf.com/js/v5/agent.js

Domain: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/odometer@0.4.8/odometer.min.js

Domain: www.casinorocket.com
URL: https://www.casinorocket.com/styles-XPGUSFHH.css

Domain: fonts.gstatic.com
URL: https://fonts.gstatic.com/s/poppins/v22/pxiEyp8kv8JHgFVrJJfecg.woff2

Domain: www.casinorocket.com
URL: https://www.casinorocket.com/chunk-Y52MKZMA.js

Domain: www.casinorocket.com
URL: https://www.casinorocket.com/chunk-4DHHCPOF.js

Domain: www.casinorocket.com
URL: https://www.casinorocket.com/chunk-36GAWGJN.js

Domain: www.casinorocket.com
URL: https://www.casinorocket.com/chunk-P2PF5AOR.js

Domain: www.casinorocket.com
URL: https://www.casinorocket.com/chunk-PHEQHCXJ.js

Domain: www.casinorocket.com
URL: https://www.casinorocket.com/chunk-4M2L4V2T.js

Domain: www.casinorocket.com
URL: https://www.casinorocket.com/chunk-K7LYYJNJ.js

Domain: www.casinorocket.com
URL: https://www.casinorocket.com/chunk-OMGQEKIO.js

Domain: www.casinorocket.com
URL: https://www.casinorocket.com/chunk-SGOTKNA5.js

Domain: www.casinorocket.com
URL: https://www.casinorocket.com/chunk-ZWWSQJV7.js

Domain: www.casinorocket.com
URL: https://www.casinorocket.com/chunk-UKR7X4BU.js

Domain: www.casinorocket.com
URL: https://www.casinorocket.com/chunk-CQTKABIC.js

Domain: www.casinorocket.com
URL: https://www.casinorocket.com/chunk-4Z63QVKR.js

Domain: www.casinorocket.com
URL: https://www.casinorocket.com/chunk-BFASMRTT.js

Domain: www.casinorocket.com
URL: https://www.casinorocket.com/chunk-4N3FYMPK.js

Domain: www.casinorocket.com
URL: https://www.casinorocket.com/chunk-ZL46LRBC.js

Domain: www.casinorocket.com
URL: https://www.casinorocket.com/chunk-FSPIYSGY.js

Domain: www.casinorocket.com
URL: https://www.casinorocket.com/chunk-4K67B5B4.js

Domain: www.casinorocket.com
URL: https://www.casinorocket.com/chunk-E5J72VIF.js

Domain: www.casinorocket.com
URL: https://www.casinorocket.com/chunk-OZMGV3WC.js

Domain: www.casinorocket.com
URL: https://www.casinorocket.com/chunk-AAXUYWL6.js

Domain: www.casinorocket.com
URL: https://www.casinorocket.com/chunk-D5EGECLP.js

Domain: www.casinorocket.com
URL: https://www.casinorocket.com/chunk-YBD6ZIYZ.js

Domain: www.casinorocket.com
URL: https://www.casinorocket.com/chunk-K4YWYSTN.js

Domain: www.casinorocket.com
URL: https://www.casinorocket.com/chunk-JRSBK4WQ.js

Domain: www.casinorocket.com
URL: https://www.casinorocket.com/chunk-5R5FTOUB.js

Domain: www.casinorocket.com
URL: https://www.casinorocket.com/chunk-CEV4GRGJ.js

Domain: www.casinorocket.com
URL: https://www.casinorocket.com/chunk-FIDSYNCR.js

Domain: www.casinorocket.com
URL: https://www.casinorocket.com/chunk-F4O2BGE6.js

Domain: www.casinorocket.com
URL: https://www.casinorocket.com/chunk-EQVPCUYS.js

Domain: www.casinorocket.com
URL: https://www.casinorocket.com/chunk-JFVPPNE6.js

Domain: www.casinorocket.com
URL: https://www.casinorocket.com/chunk-YWCQE54A.js

Domain: www.casinorocket.com
URL: https://www.casinorocket.com/chunk-UMSRZ6Z6.js

Domain: www.casinorocket.com
URL: https://www.casinorocket.com/chunk-QHHBZUR7.js

Domain: www.casinorocket.com
URL: https://www.casinorocket.com/chunk-JPKLQMV2.js

Domain: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.es6.js?v=160205

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| PaymentsAPI

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
us.skated.co/nty/postback	1969-12-31 23:59:59	Name: platform_user_id Value: desktop:3c0abd955932875a9f239cf07d4323cd
us.skated.co/nty/postback	1970-01-21 10:33:29	Name: platform_user_id_3rd_party Value: desktop:3c0abd955932875a9f239cf07d4323cd
.mgid.com/	1970-01-21 01:47:34	Name: __cf_bm Value: GFOBIK_AAfoQdJZLBMV9vxNbElW86erL2VBC4.FT388-1734453028-1.0.1.1-9BCgUW3rgkwoVMSIXJ8cL1HNU.N6W_G7VSqcd5y31thuUpXLay7zWPEpbjvj2QsRR1Ysa8nKiWsJx3X_1iIutA
newgenaffmedia.com/	1970-01-21 10:24:30	Name: c76b405781134be1dab7 Value: 6761a728fc91710cf3984fbd
.casinorocket.com/	1970-01-21 01:47:34	Name: __cf_bm Value: YMOIZ6.KeD2CV9CV7GF1WtAKh0wQrbHNpdj1OyrZ3NE-1734453032-1.0.1.1-NAWy7_rMH6mk8KJ5c0irrjHibp6ZiUvAas2w56qzAm7BVd0JArITsdbg0DsiunyTRLCMJ1XhZ_giFbPAQT5jzA
.onesignal.com/	1970-01-21 01:47:34	Name: __cf_bm Value: sFCEMrp42YSu1TkVBuwQhYdq2mHwcmmfhfqFe2sq.ng-1734453032-1.0.1.1-h9dBL9Q80g5TBWnBCtJAHhueI0mEEIqR7D4keVBaRIx55aBVQ4kzZqy3JZ22IzZA48xfSGoyvIdG8r2W7bQU.w

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://woonews5.xyz/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
rendering	warning	URL: https://us.skated.co/nty/postback/click?key=v2-1734453027454-7-1170-1341321-30e4e105-cbc6-06dd-bc5f-d99f0a2dba27 Message: [GroupMarkerNotSet(crbug.com/242999)!:A0901D00AC050000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://us.skated.co/nty/postback/click?key=v2-1734453027454-7-1170-1341321-30e4e105-cbc6-06dd-bc5f-d99f0a2dba27 Message: [GroupMarkerNotSet(crbug.com/242999)!:A0904102AC050000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads-us.rwtks.com
brain-shoping4.xyz
c.mgid.com
cdn.jsdelivr.net
cdn.onesignal.com
cdn.seondf.com
cdntechone.com
clck.mgid.com
datatechone.com
fonts.googleapis.com
fonts.gstatic.com
freetrckr.com
newgenaffmedia.com
payments-lib.cdn.s7s.ai
track-us.rwtks.com
us.skated.co
woonews5.xyz
www.casinorocket.com
xml.pushking.net
cdn.jsdelivr.net
cdn.onesignal.com
cdn.seondf.com
fonts.gstatic.com
www.casinorocket.com
104.16.160.145
104.19.132.76
104.19.133.76
142.250.186.67
172.64.148.59
172.66.43.67
173.214.240.15
185.135.9.192
185.49.145.45
188.114.96.3
199.182.164.180
2a00:1450:4001:82f::200a
2a00:1d26:8771::11
2a00:1d26:c771::12
88.214.195.115
88.214.195.18
0897fd49e18830b81ce46354e93bbdc1bc3d293f9caf221f824eb80a2ddbadbd
29adcfe8a81c3aa1a9c079ccf82c854220e18205667b4a8bf7f7cb09c09201c5
66cffad452236426dcb8ad573ebb899a10edc44f2592407f9e522f056137a13b
794e424cad112f306e1bf057c71a9c9f3c9de2adb2831f02f1159e93f6049061
81256b01a8b1717441b7b092170d0a15674da07c62bc9915879a9540ec7654f1
83522ef588f1f83f2a095f8a8f0091f9fff54e27287e2793e3846f9eabed84e9
844fc6adeee91ebf6089824f97ea1fd190fcbc44cb12108e2e8ac40d937e2fae
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
9ab8d6395b1e564664e4b4e42079a9a24b98d8d74ca517dffbc7039bd3f922ed
a3625e608de3427f6cb1121d61f3108d17058f7cf629b7f9eabe876637e6837b
a9e14437bd879a04162a6cd4941261b1dc715078c9451bf316b0a9cb39bfaaec
ae583f8459b367b5b657fd4a368fa066dedcb88051ddc9339144db478784fff5
c0003609bf82177e5f7d3b7b33e41d14ac9a4c1dfd16951e220ee4a4ce4af357
c368b52084ce8913468078b6e812d35c8dc08e326674c9796232b8a56facf11f
ca7117651b417a2cd9ae025f1d78ae94dbb24bba520b5d7a962d66dc7b85011d
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

www.casinorocket.com Open in urlscan Pro 185.135.9.192 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

60 Requests

30 %HTTPS

19 %IPv6

17 Domains

19 Subdomains

11 IPs

5 Countries

273 kBTransfer

405 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

6 Cookies

3 Console Messages

Indicators

www.casinorocket.com Open in urlscan Pro
185.135.9.192 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

30 %
HTTPS

19 %
IPv6

17
Domains

19
Subdomains

11
IPs

5
Countries

273 kB
Transfer

405 kB
Size

6
Cookies

60 HTTP transactions
0 data transactions